<?php

function dodaj($curDate, $curTime, $msg, $podpis, $ocena) {
	include ('laczenie_baza.php');
	
	$email = $_SESSION['zalogowany'];
	$query = "SELECT ID FROM user WHERE email = '$email'";
	$result = mysql_query($query);
	$r = mysql_fetch_row($result);
	
	if($msg=="" || $podpis=="" || $ocena =="") {
		echo "Niekompletne dane!";
		include('ocen_form.php');
	}
	else {
		$msg = (string)$msg;
		$podpis = (string)$podpis;
	$query = "INSERT INTO message(ID_User, Msg, podpis, data, godzina, ocena) VALUES ('$r[0]', '$msg', '$podpis', '$curDate', '$curTime', '$ocena')";
	$result = mysql_query($query);
	if(!$result)
		echo "Błąd bazy danych";
}
}

$date = getdate();
if($date['mon'] <10)
	$date['mon'] = "0".$date['mon'];
if($date['mday'] < 10)
	$date['mday'] = "0".$date['mday'];

$curDate = $date['year']."-".$date['mon']."-".$date['mday'];


$localtime = localtime(time(), true);
if($localtime['tm_hour'] < 10)
	$localtime['tm_hour'] = "0".$localtime['tm_hour'];
if($localtime['tm_min'] < 10)
	$localtime['tm_min'] = "0".$localtime['tm_min'];
if($localtime['tm_sec'] < 10)
	$localtime['tm_sec'] = "0".$localtime['tm_sec'];
$curTime = $localtime['tm_hour'].":".$localtime['tm_min'].":".$localtime['tm_sec'];

	include ('detect.php');
	if (!isset($_SESSION)) session_start();
	if(kto() == 1) {
		
		dodaj($curDate, $curTime, $_POST['komentarz'], $_POST['podpis'], $_POST['ocena']);
		header("Location: ocen.php");
		
		
	}
	else {
		echo "Nie jesteś zalogowany na pacjenta!";
		include ("index.php");
	}
?>